Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/38392e3131362e34322e302f32332d3233203d3e203135343139.roa
File: 38392e3131362e34322e302f32332d3233203d3e203135343139.roa (raw, json)
Hash identifier: LQgVQ1MyyeW/dmCTdxbfNRo0tK6PErHXDmnl/WHeT/0=
Subject key identifier: 41:AC:60:E4:2E:4B:85:77:2D:8B:23:60:F1:09:AD:D3:46:BE:48:0F
Certificate issuer: /CN=9df85997b1b9b358e1c43f36765aa0a4a02144ae
Certificate serial: 66C0C3F34BD970F79642147E6C709F75E44FB444
Authority key identifier: 9D:F8:59:97:B1:B9:B3:58:E1:C4:3F:36:76:5A:A0:A4:A0:21:44:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/38392e3131362e34322e302f32332d3233203d3e203135343139.roa
Signing time: Fri 07 Jun 2024 09:01:53 +0000
ROA not before: Fri 07 Jun 2024 08:56:53 +0000
ROA not after: Fri 06 Jun 2025 09:01:53 +0000
asID: 15419
IP address blocks: 89.116.42.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.crl
rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.mft
rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
66:c0:c3:f3:4b:d9:70:f7:96:42:14:7e:6c:70:9f:75:e4:4f:b4:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9df85997b1b9b358e1c43f36765aa0a4a02144ae
Validity
Not Before: Jun 7 08:56:53 2024 GMT
Not After : Jun 6 09:01:53 2025 GMT
Subject: CN=41AC60E42E4B85772D8B2360F109ADD346BE480F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:a1:28:43:64:55:66:8b:31:01:c7:ae:2b:0d:
3c:77:51:3a:7c:5e:1e:6c:83:27:2c:62:8f:57:3e:
bb:24:7b:74:0a:d8:30:ee:8d:cd:0b:00:9d:bf:36:
c0:f3:0b:a8:2d:9b:5e:55:05:fe:16:a8:0b:fa:ad:
7d:1d:a2:3a:dc:17:a0:7f:4b:5d:b8:d1:8b:6e:f8:
03:7f:5c:15:0d:0c:31:44:bf:ad:dd:30:0a:cc:7c:
f4:5a:10:67:d3:86:11:8b:7c:cd:6f:be:85:53:43:
c8:a0:e5:6f:87:fc:60:fe:d4:6d:6b:30:a8:44:d9:
df:c3:0a:07:1c:ad:0c:26:ae:b9:b4:c3:f4:33:27:
3d:aa:75:d1:b6:a2:d0:20:ba:03:3e:45:d2:6a:90:
be:23:c7:20:f4:f0:1d:cb:a6:9a:05:fa:6c:ce:91:
41:f3:01:c6:84:f0:ca:84:0d:c8:b2:b2:e4:6e:7d:
39:a2:89:66:a7:b1:64:f4:0b:09:16:a2:34:40:77:
82:33:fd:a9:f0:b5:38:cd:eb:9b:64:35:f2:12:e0:
d5:be:19:41:5b:c3:6a:75:fc:53:cb:9b:fd:1a:38:
d3:1e:23:f2:1e:df:e9:c3:a9:a6:d3:4a:1f:c0:de:
89:74:73:ce:c6:38:42:9a:a6:af:1b:78:3f:91:32:
4f:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:AC:60:E4:2E:4B:85:77:2D:8B:23:60:F1:09:AD:D3:46:BE:48:0F
X509v3 Authority Key Identifier:
keyid:9D:F8:59:97:B1:B9:B3:58:E1:C4:3F:36:76:5A:A0:A4:A0:21:44:AE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/38392e3131362e34322e302f32332d3233203d3e203135343139.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.116.42.0/23
Signature Algorithm: sha256WithRSAEncryption
43:ef:13:ee:8c:a5:42:21:07:13:94:a6:5c:50:8f:99:3d:b5:
76:df:d9:59:ea:e8:45:4f:22:65:0f:40:86:c8:7c:35:e8:16:
b0:78:86:2b:4c:2d:91:4e:3b:f1:14:f1:e2:99:4b:ff:26:40:
e5:12:6b:a5:c3:b4:d5:cf:4f:95:6c:e4:34:43:25:12:3f:92:
77:6a:78:24:60:02:f0:08:d5:0f:af:bc:99:2a:e3:72:05:d8:
cb:74:2f:85:6c:e1:b2:f4:62:cc:05:81:00:c1:a2:b4:42:d1:
17:3b:b3:16:79:77:69:13:b1:3c:28:c5:e2:81:d6:6b:69:78:
08:36:d0:60:08:cf:95:e0:da:7f:f6:31:a2:a4:a0:9e:0c:d9:
5f:84:a7:21:14:a9:e9:9e:bc:6b:33:63:d1:bb:9a:e7:66:f7:
1d:9e:4c:08:ed:5c:b8:6f:ee:f2:c4:82:cd:c5:36:fa:cd:08:
7b:5f:41:a1:97:ec:e0:11:38:97:4a:9d:df:14:b2:12:3d:9e:
90:41:cb:21:8a:8c:27:fc:81:d7:1f:e7:fb:48:f4:2d:13:30:
2f:ce:ee:e2:85:3d:a1:b0:08:d2:44:da:e4:57:16:70:e5:22:
7e:7b:71:a8:f7:e1:90:11:24:53:e9:20:35:bc:d1:83:08:07:
ac:e6:b8:58
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUZsDD80vZcPeWQhR+bHCfdeRPtEQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWRmODU5OTdiMWI5YjM1OGUxYzQzZjM2NzY1YWEwYTRh
MDIxNDRhZTAeFw0yNDA2MDcwODU2NTNaFw0yNTA2MDYwOTAxNTNaMDMxMTAvBgNV
BAMTKDQxQUM2MEU0MkU0Qjg1NzcyRDhCMjM2MEYxMDlBREQzNDZCRTQ4MEYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCmoShDZFVmizEBx64rDTx3UTp8
Xh5sgycsYo9XPrske3QK2DDujc0LAJ2/NsDzC6gtm15VBf4WqAv6rX0dojrcF6B/
S1240Ytu+AN/XBUNDDFEv63dMArMfPRaEGfThhGLfM1vvoVTQ8ig5W+H/GD+1G1r
MKhE2d/DCgccrQwmrrm0w/QzJz2qddG2otAgugM+RdJqkL4jxyD08B3LppoF+mzO
kUHzAcaE8MqEDciysuRufTmiiWansWT0CwkWojRAd4Iz/anwtTjN65tkNfIS4NW+
GUFbw2p1/FPLm/0aONMeI/Ie3+nDqabTSh/A3ol0c87GOEKapq8beD+RMk8RAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUQaxg5C5LhXctiyNg8Qmt00a+SA8wHwYDVR0j
BBgwFoAUnfhZl7G5s1jhxD82dlqgpKAhRK4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDAyZTBiYTMtZmU2MC00NWIxLTkxNjAtODY4YTJmOGE0
M2IxLzMvOURGODU5OTdCMUI5QjM1OEUxQzQzRjM2NzY1QUEwQTRBMDIxNDRBRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL25maFpsN0c1czFqaHhEODJkbHFncEtB
aFJLNC5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMDAyZTBiYTMt
ZmU2MC00NWIxLTkxNjAtODY4YTJmOGE0M2IxLzMvMzgzOTJlMzEzMTM2MmUzNDMy
MmUzMDJmMzIzMzJkMzIzMzIwM2QzZTIwMzEzNTM0MzEzOS5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAVl0
KjANBgkqhkiG9w0BAQsFAAOCAQEAQ+8T7oylQiEHE5SmXFCPmT21dt/ZWeroRU8i
ZQ9Ahsh8NegWsHiGK0wtkU478RTx4plL/yZA5RJrpcO01c9PlWzkNEMlEj+Sd2p4
JGAC8AjVD6+8mSrjcgXYy3QvhWzhsvRizAWBAMGitELRFzuzFnl3aROxPCjF4oHW
a2l4CDbQYAjPleDaf/YxoqSgngzZX4SnIRSp6Z68azNj0bua52b3HZ5MCO1cuG/u
8sSCzcU2+s0Ie19BoZfs4BE4l0qd3xSyEj2ekEHLIYqMJ/yB1x/n+0j0LRMwL87u
4oU9obAI0kTa5FcWcOUifntxqPfhkBEkU+kgNbzRgwgHrOa4WA==
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:58:15 2024 by rpki-client on console-ams.rpki-client.org